Apple hack shows growing vulnerability for Macs

A cyber warfare expert works on his Apple laptop computer during a portrait session in Charlotte, North Carolina in this December 1, 2011 file photograph. Apple Inc was recently attacked by hackers who infected the Macintosh computers of some employees, the company said on February 19, 2013 in an unprecedented disclosure that described the widest known cyber attacks against Apple-made computers to date. REUTERS/John Adkisson/Files

In a sign of Apple's (AAPL) increasing vulnerability to hackers, some Mac computers belonging to Apple employees were infected with Java-related malware when the employees visited a software development website, the company announced Tuesday.

The disclosure follows a similar Java-related cyberattack against Facebook that was revealed Friday and comes after President Barack Obama called on Congress in his State of the Union address to impose tougher legislation to protect American interests from cyberattacks.

Apple iPhones and iPads do not appear to be infected and the Cupertino company did not disclose how many of its employees' computers were infected or when. It issued a software fix Tuesday aimed at customers who already had installed Java on their Macs.

Windows-based operating systems have been the most popular targets of hacker attacks. But hundreds of thousands of Mac computers were hit last year with a Trojan horse virus called "Flashback" and the latest cyberattack is a troubling sign.

"Definitely, Macs are not as secure as they were previously," said Liam O Murchu, a researcher with Symantec. "Until last year, we hadn't seen a lot of Mac threats. This showcases that Macs are not invulnerable."

Neil Cook, chief tech officer for Cloudmark, which works on Internet security issues, said Apple's rising popularity makes it a bigger target for hackers.

"Apple's market size has always lagged behind," Cook said. "Now one in every three laptops sold is a Mac so they've become extremely mainstream and they've entered that sweet spot that hackers are looking for."

AllThingsD, a prominent tech industry blog, reported that both the Apple and Facebook attacks may have stemmed from one compromised website that is related to mobile development. The blog, citing sources close to the Facebook hacking probe, identified the site as iPhoneDevSDK and said it could also be connected to a recent Java-related Twitter hack that may have accessed up to 250,000 user names and passwords.

"The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers," Apple said in a statement. "We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware."

Since Apple launched OS X Lion in 2011, it has shipped Macs without Java. Apple's OS X automatically disables Java if it has not been used for 35 days, as a security measure, Apple said.

Last week, Facebook reported that hackers planted malicious software on a website frequented by developers who build mobile software applications in a scheme known as a "watering hole attack."

The world's largest social network said there was no evidence that any of its members' information was compromised.

Java was developed in the early 1990s by Sun Microsystems, which was bought by Oracle (ORCL) in 2009. In January, the Department of Homeland Security issued a warning to disable Java software in browsers unless "absolutely necessary," and the head of Oracle's security for Java subsequently acknowledged that the company needs to bolster public confidence in the software.

Critics contend that Java has been poorly maintained by Oracle and over the past three years has had at least 90 security vulnerabilities of medium to high severity, according to a federal database that tracks such problems.

Contact Dan Nakaso at 408-271-3648. Follow him at Twitter.com/dannakaso.